Threat Hunting with Yara

Cristian Pascariu

1:13:36

  • 01 - Course Overview.mp4
    01:50
  • 02 - Introduction.mp4
    02:03
  • 03 - How Signature Detection Works.mp4
    01:48
  • 04 - What is Yara.mp4
    02:20
  • 05 - Yara Rules.mp4
    01:30
  • 06 - Defining Patterns.mp4
    02:23
  • 07 - Installing Yara.mp4
    03:40
  • 08 - Setting up an Analysis Environment.mp4
    02:10
  • 09 - Overview.mp4
    00:52
  • 10 - Introduction.mp4
    00:45
  • 11 - Understanding the File Structure.mp4
    01:47
  • 12 - Extracting Patterns.mp4
    01:50
  • 13 - Yara Modules.mp4
    03:11
  • 14 - Generating Rules with Yargen.mp4
    03:18
  • 15 - Hunting for Artifacts.mp4
    01:46
  • 16 - Overview.mp4
    00:52
  • 17 - Introduction.mp4
    01:26
  • 18 - Writing Detection Rules.mp4
    02:34
  • 19 - Avoiding False Positives.mp4
    02:29
  • 20 - Understanding the Infection Chain.mp4
    02:27
  • 21 - Detecting Malicious Documents.mp4
    03:08
  • 22 - Dealing with Packed Executables.mp4
    04:24
  • 23 - Overview.mp4
    01:07
  • 24 - Introduction.mp4
    01:53
  • 25 - Leveraging Existing Rules.mp4
    03:20
  • 26 - Getting Familiar with Yara Rules.mp4
    04:27
  • 27 - Alternative Hunting Tools.mp4
    01:17
  • 28 - Hunting at Scale with Yara.mp4
    01:37
  • 29 - Hunting at Scale with Procfilter.mp4
    02:02
  • 30 - Analyzing Memory Artifacts with Yara.mp4
    03:06
  • 31 - Detecting Threats Across the Network.mp4
    01:47
  • 32 - Hunting for Web Shells.mp4
    02:49
  • 33 - Overview.mp4
    01:38
  • Description


    With the fight against cyber threats becoming an uphill battle for current security capabilities, Threat Hunting with Yara will uplift your skills for detecting and defending against modern threats.

    What You'll Learn


      Traditional hash-based detections are lagging behind when it comes to advanced malware threats. In this course, Threat Hunting with Yara, you will gain the ability to use Yara to identify and classify malicious artifacts. First, you will discover how to write effective rules. Next, you will craft detections based on patterns identified in suspicious binaries. Finally, you will explore strategies for hunting at scale using Yara rules with other security capabilities. When you're finished with this course, you will have the skills and knowledge to hunt for threats with Yara when responding to security incidents.

    Cristian Pascariu
    Cristian took part in the auditing and implementation of infosec capabilities to uplift security posture. He managed codification efforts to extract indicators of compromise and created rules for defending against new and emerging threats. He has also developed tools and scripts to overcome security gaps within the corporate network. Cristian has mentored L1 and L2 analysts to increase triage efficiency and combat new threats. He has experience in the field of Application Security and has provided Source Code Auditing for AAA game titles on mobile and PC platforms. Cristian has delivered Secure Coding training to development teams based on common SDLC pitfalls and industry best practices.
    Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.
    • Language: English
    • Training sessions: 33
    • Duration: 1:13:36
    • Level: average
    • Release date: 2023/10/11